From 20dcaf554829128cc1fb0171203d0b52d002da55 Mon Sep 17 00:00:00 2001 From: Brendan Cully Date: Thu, 1 Sep 2005 17:07:14 +0000 Subject: [PATCH] Remove obsolete Cyrus SASL 1.5 support. --- configure.in | 36 ++------------------ imap/auth_sasl.c | 32 +----------------- main.c | 5 --- mutt_sasl.c | 87 +----------------------------------------------- mutt_sasl.h | 8 ----- pop_auth.c | 27 +-------------- 6 files changed, 5 insertions(+), 190 deletions(-) diff --git a/configure.in b/configure.in index 96cbcea88..e23c5347c 100644 --- a/configure.in +++ b/configure.in @@ -612,7 +612,7 @@ then fi AM_CONDITIONAL(USE_SSL, test x$need_ssl = xyes) -AC_ARG_WITH(sasl, AC_HELP_STRING([--with-sasl[=PFX]], [Use Cyrus SASL library for POP/IMAP authentication]), +AC_ARG_WITH(sasl, AC_HELP_STRING([--with-sasl[=PFX]], [Use Cyrus SASL 2 network security library]), [ if test "$need_socket" != "yes" then @@ -629,46 +629,14 @@ AC_ARG_WITH(sasl, AC_HELP_STRING([--with-sasl[=PFX]], [Use Cyrus SASL library fo saved_LIBS="$LIBS" - AC_CHECK_LIB(sasl, sasl_client_init,, - AC_MSG_ERROR([could not find libsasl]),) - - MUTT_LIB_OBJECTS="$MUTT_LIB_OBJECTS mutt_sasl.o" - MUTTLIBS="$MUTTLIBS -lsasl" - LIBS="$saved_LIBS" - AC_DEFINE(USE_SASL,1, - [ Define if want to use the Cyrus SASL library for POP/IMAP authentication. ]) - need_sasl=yes - fi - ]) -AM_CONDITIONAL(USE_SASL, test x$need_sasl = xyes) - -AC_ARG_WITH(sasl2, AC_HELP_STRING([--with-sasl2[=PFX]], [Use Cyrus SASL library version 2 for POP/IMAP authentication]), - [ - if test "$need_socket" != "yes" - then - AC_MSG_ERROR([SASL support is only useful with POP or IMAP support]) - fi - - if test "$with_sasl2" != "no" - then - if test "$with_sasl2" != "yes" - then - CPPFLAGS="$CPPFLAGS -I$with_sasl2/include" - LDFLAGS="$LDFLAGS -L$with_sasl2/lib" - fi - - saved_LIBS="$LIBS" - AC_CHECK_LIB(sasl2, sasl_client_init,, - AC_MSG_ERROR([could not find libsasl]),) + AC_MSG_ERROR([could not find libsasl2]),) MUTT_LIB_OBJECTS="$MUTT_LIB_OBJECTS mutt_sasl.o" MUTTLIBS="$MUTTLIBS -lsasl2" LIBS="$saved_LIBS" AC_DEFINE(USE_SASL,1, [ Define if want to use the Cyrus SASL library for POP/IMAP authentication. ]) - AC_DEFINE(USE_SASL2,1, - [ Define if want to use version 2 of the Cyrus SASL library. ]) need_sasl=yes fi ]) diff --git a/imap/auth_sasl.c b/imap/auth_sasl.c index 34a3bf1d9..aae03ea0e 100644 --- a/imap/auth_sasl.c +++ b/imap/auth_sasl.c @@ -27,13 +27,8 @@ #include "imap_private.h" #include "auth.h" -#ifdef USE_SASL2 #include #include -#else -#include -#include -#endif /* imap_auth_sasl: Default authenticator if available. */ imap_auth_res_t imap_auth_sasl (IMAP_DATA* idata, const char* method) @@ -43,11 +38,7 @@ imap_auth_res_t imap_auth_sasl (IMAP_DATA* idata, const char* method) int rc, irc; char buf[HUGE_STRING]; const char* mech; -#ifdef USE_SASL2 const char *pc = NULL; -#else - char* pc = NULL; -#endif unsigned int len, olen; unsigned char client_start; @@ -76,25 +67,15 @@ imap_auth_res_t imap_auth_sasl (IMAP_DATA* idata, const char* method) if (mutt_bit_isset (idata->capabilities, AUTH_ANON) && (!idata->conn->account.user[0] || !ascii_strncmp (idata->conn->account.user, "anonymous", 9))) -#ifdef USE_SASL2 rc = sasl_client_start (saslconn, "AUTH=ANONYMOUS", NULL, &pc, &olen, &mech); -#else - rc = sasl_client_start (saslconn, "AUTH=ANONYMOUS", NULL, NULL, &pc, &olen, - &mech); -#endif } if (rc != SASL_OK && rc != SASL_CONTINUE) do { -#ifdef USE_SASL2 rc = sasl_client_start (saslconn, method, &interaction, &pc, &olen, &mech); -#else - rc = sasl_client_start (saslconn, method, NULL, &interaction, - &pc, &olen, &mech); -#endif if (rc == SASL_INTERACT) mutt_sasl_interact (interaction); } @@ -138,12 +119,7 @@ imap_auth_res_t imap_auth_sasl (IMAP_DATA* idata, const char* method) if (irc == IMAP_CMD_RESPOND) { -#ifdef USE_SASL2 - if (sasl_decode64 (idata->cmd.buf+2, strlen (idata->cmd.buf+2), buf, LONG_STRING-1, -#else - if (sasl_decode64 (idata->cmd.buf+2, strlen (idata->cmd.buf+2), buf, -#endif - &len) != SASL_OK) + if (sasl_decode64 (idata->cmd.buf+2, strlen (idata->cmd.buf+2), buf, LONG_STRING-1, &len) != SASL_OK) { dprint (1, (debugfile, "imap_auth_sasl: error base64-decoding server response.\n")); goto bail; @@ -174,12 +150,6 @@ imap_auth_res_t imap_auth_sasl (IMAP_DATA* idata, const char* method) dprint (1, (debugfile, "imap_auth_sasl: error base64-encoding client response.\n")); goto bail; } - - /* sasl_client_st(art|ep) allocate pc with malloc, expect me to - * free it */ -#ifndef USE_SASL2 - FREE (&pc); -#endif } if (irc == IMAP_CMD_RESPOND) diff --git a/main.c b/main.c index 74cd43c92..c5d1b956e 100644 --- a/main.c +++ b/main.c @@ -268,11 +268,6 @@ static void show_version (void) "+USE_SASL " #else "-USE_SASL " -#endif -#ifdef USE_SASL2 - "+USE_SASL2 " -#else - "-USE_SASL2 " #endif "\n" diff --git a/mutt_sasl.c b/mutt_sasl.c index 294dbc792..38f9b1e05 100644 --- a/mutt_sasl.c +++ b/mutt_sasl.c @@ -27,17 +27,12 @@ #include "mutt_sasl.h" #include "mutt_socket.h" -#ifdef USE_SASL2 #include #include #include -#else -#include -#endif #include #include -#ifdef USE_SASL2 static int getnameinfo_err(int ret) { int err; @@ -79,16 +74,13 @@ static int getnameinfo_err(int ret) } return err; } -#endif /* arbitrary. SASL will probably use a smaller buffer anyway. OTOH it's * been a while since I've had access to an SASL server which negotiated * a protection buffer. */ #define M_SASL_MAXBUF 65536 -#ifdef USE_SASL2 #define IP_PORT_BUFLEN 1024 -#endif static sasl_callback_t mutt_sasl_callbacks[5]; @@ -108,7 +100,6 @@ static int mutt_sasl_conn_read (CONNECTION* conn, char* buf, size_t len); static int mutt_sasl_conn_write (CONNECTION* conn, const char* buf, size_t count); -#ifdef USE_SASL2 /* utility function, stolen from sasl2 sample code */ static int iptostring(const struct sockaddr *addr, socklen_t addrlen, char *out, unsigned outlen) { @@ -133,7 +124,6 @@ static int iptostring(const struct sockaddr *addr, socklen_t addrlen, return SASL_OK; } -#endif /* mutt_sasl_start: called before doing a SASL exchange - initialises library * (if necessary). */ @@ -175,13 +165,9 @@ int mutt_sasl_start (void) int mutt_sasl_client_new (CONNECTION* conn, sasl_conn_t** saslconn) { sasl_security_properties_t secprops; -#ifdef USE_SASL2 struct sockaddr_storage local, remote; socklen_t size; char iplocalport[IP_PORT_BUFLEN], ipremoteport[IP_PORT_BUFLEN]; -#else - sasl_external_properties_t extprops; -#endif const char* service; int rc; @@ -201,7 +187,6 @@ int mutt_sasl_client_new (CONNECTION* conn, sasl_conn_t** saslconn) return -1; } -#ifdef USE_SASL2 size = sizeof (local); if (getsockname (conn->fd, (struct sockaddr *)&local, &size)){ dprint (1, (debugfile, "mutt_sasl_client_new: getsockname for local failed\n")); @@ -229,11 +214,6 @@ int mutt_sasl_client_new (CONNECTION* conn, sasl_conn_t** saslconn) rc = sasl_client_new (service, conn->account.host, iplocalport, ipremoteport, mutt_sasl_get_callbacks (&conn->account), 0, saslconn); -#else - rc = sasl_client_new (service, conn->account.host, - mutt_sasl_get_callbacks (&conn->account), SASL_SECURITY_LAYER, saslconn); -#endif - if (rc != SASL_OK) { dprint (1, (debugfile, @@ -241,42 +221,6 @@ int mutt_sasl_client_new (CONNECTION* conn, sasl_conn_t** saslconn) return -1; } - /*** set sasl IP properties, necessary for use with krb4 ***/ - /* Do we need to fail if this fails? I would assume having these unset - * would just disable KRB4. Who wrote this code? */ -#ifndef USE_SASL2 /* with SASLv2 this all happens in sasl_client_new */ - { - struct sockaddr_in local, remote; - socklen_t size; - - size = sizeof (local); - if (getsockname (conn->fd, (struct sockaddr*) &local, &size)) - return -1; - - size = sizeof(remote); - if (getpeername(conn->fd, (struct sockaddr*) &remote, &size)) - return -1; - -#ifdef SASL_IP_LOCAL - if (sasl_setprop(*saslconn, SASL_IP_LOCAL, &local) != SASL_OK) - { - dprint (1, (debugfile, - "mutt_sasl_client_new: Error setting local IP address\n")); - return -1; - } -#endif - -#ifdef SASL_IP_REMOTE - if (sasl_setprop(*saslconn, SASL_IP_REMOTE, &remote) != SASL_OK) - { - dprint (1, (debugfile, - "mutt_sasl_client_new: Error setting remote IP address\n")); - return -1; - } -#endif - } -#endif - /* set security properties. We use NOPLAINTEXT globally, since we can * just fall back to LOGIN in the IMAP case anyway. If that doesn't * work for POP, we can make it a flag or move this code into @@ -295,27 +239,19 @@ int mutt_sasl_client_new (CONNECTION* conn, sasl_conn_t** saslconn) if (conn->ssf) { -#ifdef USE_SASL2 /* I'm not sure this actually has an effect, at least with SASLv2 */ + /* I'm not sure this actually has an effect, at least with SASLv2 */ dprint (2, (debugfile, "External SSF: %d\n", conn->ssf)); if (sasl_setprop (*saslconn, SASL_SSF_EXTERNAL, &(conn->ssf)) != SASL_OK) -#else - memset (&extprops, 0, sizeof (extprops)); - extprops.ssf = conn->ssf; - dprint (2, (debugfile, "External SSF: %d\n", extprops.ssf)); - if (sasl_setprop (*saslconn, SASL_SSF_EXTERNAL, &extprops) != SASL_OK) -#endif { dprint (1, (debugfile, "mutt_sasl_client_new: Error setting external properties\n")); return -1; } -#ifdef USE_SASL2 dprint (2, (debugfile, "External authentication name: %s\n", conn->account.user)); if (sasl_setprop (*saslconn, SASL_AUTH_EXTERNAL, conn->account.user) != SASL_OK) { dprint (1, (debugfile, "mutt_sasl_client_new: Error setting external properties\n")); return -1; } -#endif } return 0; @@ -400,19 +336,11 @@ void mutt_sasl_setup_conn (CONNECTION* conn, sasl_conn_t* saslconn) sasldata->saslconn = saslconn; /* get ssf so we know whether we have to (en|de)code read/write */ -#ifdef USE_SASL2 sasl_getprop (saslconn, SASL_SSF, (const void**) &sasldata->ssf); -#else - sasl_getprop (saslconn, SASL_SSF, (void**) &sasldata->ssf); -#endif dprint (3, (debugfile, "SASL protection strength: %u\n", *sasldata->ssf)); /* Add SASL SSF to transport SSF */ conn->ssf += *sasldata->ssf; -#ifdef USE_SASL2 sasl_getprop (saslconn, SASL_MAXOUTBUF, (const void**) &sasldata->pbufsize); -#else - sasl_getprop (saslconn, SASL_MAXOUTBUF, (void**) &sasldata->pbufsize); -#endif dprint (3, (debugfile, "SASL protection buffer size: %u\n", *sasldata->pbufsize)); /* clear input buffer */ @@ -539,9 +467,6 @@ static int mutt_sasl_conn_close (CONNECTION* conn) /* release sasl resources */ sasl_dispose (&sasldata->saslconn); -#ifndef USE_SASL2 - FREE (&sasldata->buf); -#endif FREE (&sasldata); /* call underlying close */ @@ -573,9 +498,6 @@ static int mutt_sasl_conn_read (CONNECTION* conn, char* buf, size_t len) conn->sockdata = sasldata->sockdata; -#ifndef USE_SASL2 - FREE (&sasldata->buf); -#endif sasldata->bpos = 0; sasldata->blen = 0; @@ -623,11 +545,7 @@ static int mutt_sasl_conn_write (CONNECTION* conn, const char* buf, SASL_DATA* sasldata; int rc; -#ifdef USE_SASL2 const char *pbuf; -#else - char* pbuf; -#endif unsigned int olen, plen; sasldata = (SASL_DATA*) conn->sockdata; @@ -650,9 +568,6 @@ static int mutt_sasl_conn_write (CONNECTION* conn, const char* buf, } rc = (sasldata->msasl_write) (conn, pbuf, plen); -#ifndef USE_SASL2 - FREE (&pbuf); -#endif if (rc != plen) goto fail; diff --git a/mutt_sasl.h b/mutt_sasl.h index 3959ee787..bedbba79f 100644 --- a/mutt_sasl.h +++ b/mutt_sasl.h @@ -21,11 +21,7 @@ #ifndef _MUTT_SASL_H_ #define _MUTT_SASL_H_ 1 -#ifdef USE_SASL2 #include -#else -#include -#endif #include "mutt_socket.h" @@ -41,11 +37,7 @@ typedef struct const unsigned int* pbufsize; /* read buffer */ -#ifdef USE_SASL2 const char *buf; -#else - char* buf; -#endif unsigned int blen; unsigned int bpos; diff --git a/pop_auth.c b/pop_auth.c index 3491fb49b..1710b0b0d 100644 --- a/pop_auth.c +++ b/pop_auth.c @@ -29,13 +29,8 @@ #include #ifdef USE_SASL -#ifdef USE_SASL2 #include #include -#else -#include -#include -#endif #include "mutt_sasl.h" #endif @@ -50,11 +45,7 @@ static pop_auth_res_t pop_auth_sasl (POP_DATA *pop_data, const char *method) char buf[LONG_STRING]; char inbuf[LONG_STRING]; const char* mech; -#ifdef USE_SASL2 const char *pc = NULL; -#else - char* pc = NULL; -#endif unsigned int len, olen; unsigned char client_start; @@ -69,12 +60,7 @@ static pop_auth_res_t pop_auth_sasl (POP_DATA *pop_data, const char *method) FOREVER { -#ifdef USE_SASL2 - rc = sasl_client_start(saslconn, method, &interaction, &pc, &olen, &mech); -#else - rc = sasl_client_start (saslconn, method, NULL, - &interaction, &pc, &olen, &mech); -#endif + rc = sasl_client_start(saslconn, method, &interaction, &pc, &olen, &mech); if (rc != SASL_INTERACT) break; mutt_sasl_interact (interaction); @@ -110,13 +96,8 @@ static pop_auth_res_t pop_auth_sasl (POP_DATA *pop_data, const char *method) if (rc != SASL_CONTINUE) break; -#ifdef USE_SASL2 if (!mutt_strncmp (inbuf, "+ ", 2) && sasl_decode64 (inbuf, strlen (inbuf), buf, LONG_STRING-1, &len) != SASL_OK) -#else - if (!mutt_strncmp (inbuf, "+ ", 2) - && sasl_decode64 (inbuf, strlen (inbuf), buf, &len) != SASL_OK) -#endif { dprint (1, (debugfile, "pop_auth_sasl: error base64-decoding server response.\n")); goto bail; @@ -144,12 +125,6 @@ static pop_auth_res_t pop_auth_sasl (POP_DATA *pop_data, const char *method) dprint (1, (debugfile, "pop_auth_sasl: error base64-encoding client response.\n")); goto bail; } - - /* sasl_client_st(art|ep) allocate pc with malloc, expect me to - * free it */ -#ifndef USE_SASL2 - FREE (&pc); -#endif } } -- 2.40.0